Privacy International defends the right to privacy across the world, and fights surveillance and other intrusions into private life by governments and corporations. Read more »


Chapter: 

IV. Conclusions and best practice

Conclusion and Best Practices

Judicial oversight: All wiretaps should be authorized and reviewed by an independent Judge. Ths is practiced in the U.S under Title III of the Omnibus Safe Streets and Crime Control Act 1968 (Title III), the Foreign Intelligence Surveillance Act of 1978 (FISA), and the Pen Registers and Trap and Trace Devices chapter of Title 18 (the Pen/Trap statute).

Administrative monitoring of national security interceptions: The expenditure, administration and policies relating to interceptions for national security purposes should monitored by a statutory committee. This is practiced in the UK under the Regulation of Investigatory Powers Act 2000.

Distinguish between types of warrants:  The Government must distinguish between domestic and international warrants. This is practiced in the UK, Australia, and the US.

Identify authorities permitted to intercept: Clearly identify policy agencies and officers within those agencies authorized to apply for orders of interception. This is practiced in the UK and Australia.

Internal restriction: Restrict access to intercepted material within interception agencies. This is practiced under the UK Regulation of Investigatory Powers Act 2000.

Public redress mechanism: Any member of the public who is wronged by any interception activities conducted by intercepting agencies should be able to seek redress from a Tribunal. This is practiced under the UK Regulation of Investigatory Powers Act 2000.

Ability to suppress contents of intercepts: Individuals whose communications are intercepted should be able to apply for the suppression of the contents of any intercepted communication or any evidence derived therefrom. The grounds on which such applications can be made include: the communication is unlawfully intercepted; the court order approving the interception is insufficient; and the interception is not made in conformity with the court order. This is practiced in the US under Title III.1

Breach notification: Within a stated time period after the completion of an interception order, all parties involved in the interception should be notified and furnished with an inventory of the interception orders, the dates and duration of interception activities, and upon application components of the orders should be disclosed. This is practiced in the US under Title III.2

Report after completion of interception: After an interception is completed a report should be compiled and submitted to an overseeing body and should include the nature and frequency of incriminating and non-incriminating materials intercepted; the number of persons whose communications were intercepted; the number of orders in which encryption was encountered, and whether such encryption prevented law enforcement officers from obtaining the plain text of communications intercepted; the nature, amount and cost of manpower and other resources used in the interceptions; and the number of arrests, trials and convictions resulting from the interceptions. This is practiced in the US law under Title III.3

Evidence based wire-tapping: Anonymized aggregate statistics of tapping and outcomes should be proactively disclosed under the Right to Information Act. Blanket retention of ISP data, cybercafe data, roaming wiretaps etc. should be expanded or contracted based on public evidence provided by intelligence agencies on the efficacy and centrality of such blanket surveillance in preventing and solving cases of terrorism and crime. There should be transparency of wiretapping expenditures so that citizens are able to judge for themselves whether the nation is getting sufficient bang for its surveillance buck.

Higher burden of proof: Requirement for the police or any other agency asking for a wiretap to be conducted to demonstrate, with proof, that all other avenues have been exhausted or are unavailable, and that wiretapping is a necessity.

Differentiated levels of security: Establish categories of information pertaining to wiretaps i.e time of tap, phone number of tap, location of tap, conversation content of tap. These categories could be used to determine how the information should be treated.

Footnotes

  • 1. Section 2518 (10) (a), Title III.
  • 2. Section 2518 (8) (d), Title III.
  • 3. Section 2519 (2), Title III.